CVE Catalog

CVE-2025-11024

Critical
Published: Translated: NVD NIST

Summary

There is an SQL injection vulnerability in Akilli Commerce software that allows for a Blind SQL Injection attack. This issue affects E-Commerce Website versions before 4.5.001.

Risk Assessment

An attacker could exploit this vulnerability to gain unauthorized access to database information, potentially leading to serious security breaches.

Recommendation

It is recommended to update the software to version 4.5.001 or later to mitigate this vulnerability.

Original NVD description (English source)

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS